Bird
0
0

Which of the following is a recommended practice by CIS Docker Benchmark for container images?

easy📝 Conceptual Q2 of 15
Docker - Security
Which of the following is a recommended practice by CIS Docker Benchmark for container images?
AUse the latest tag for all images
BAlways run containers as root user
CDisable image scanning for faster deployment
DUse minimal base images to reduce attack surface
Step-by-Step Solution
Solution:

  1. Step 1: Review CIS recommendation on images

    CIS advises using minimal base images to reduce vulnerabilities and attack surface.

  2. Step 2: Evaluate other options

    Running as root, disabling scanning, and using latest tag are discouraged for security reasons.

  3. Final Answer:

    Use minimal base images to reduce attack surface -> Option D

  4. Quick Check:

    Image security = Minimal base images [OK]
Quick Trick: Minimal images reduce vulnerabilities and improve security [OK]
Common Mistakes:
  • Running containers as root user
  • Ignoring image scanning
  • Using 'latest' tag blindly

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Docker Quizzes
Docker Swarm - Swarm mode initialization - Quiz 13medium Docker in CI/CD - Pushing images from CI - Quiz 5medium Image Optimization - Analyzing image layers with dive - Quiz 2easy Image Optimization - Analyzing image layers with dive - Quiz 15hard Image Optimization - Scratch base image for minimal containers - Quiz 4medium Logging and Monitoring - Docker events monitoring - Quiz 8hard Logging and Monitoring - Grafana dashboards for containers - Quiz 15hard Production Patterns - Backup and restore strategies - Quiz 6medium Production Patterns - Canary deployment pattern - Quiz 5medium Resource Management - Why resource limits matter - Quiz 3easy